Facebook accounts could’ve been hijacked with an old cryptographic issue, which it’s now fixed. But some of the world’s most popular sites remain vulnerable, researchers say. (AP Photo/Noah Berger)

Facebook has paid out a bounty to thank some benevolent hackers who made subtle alterations to an 19-year-old attack to potentially steal user accounts. Whilst the social network has fixed, however, many major websites remain vulnerable, the researchers warned.

The social network wouldn’t disclose how much it paid Hanno Böck, from the Ruhr-Universitat Bochum, and fellow researchers Juraj Somorovsky and Craig Young for their work. The researchers kept the payment to themselves too, though they published a blog post on their findings Tuesday, dubbing the hack the “ROBOT Attack.” They found a vast number of websites – almost a third of the top 100 domains in the ranked by Alexa – were still vulnerable to an attack first created by cryptographer Daniel Bleichenbacher, who uncovered weaknesses in widely-used website encryption based on RSA and Secure Socket Layer (SSL) protocols back in 1998.

In Bleichenbacher’s hack, an attacker would continually send ciphertexts (the encrypted plain text that looks like a random assortment of letters and digits) to a server. The latter would respond to each query with true or false, according to the validity of the ciphertext. This meant it was possible to determine what a user’s legitimate ciphertext would be, without access to either their private key or that of the website. The hacker would then have to send a large number of requests to a web server to generate the right ciphertext for a successful “handshake” – i.e. the agreement to share information between the user and the server over encrypted lines.

Where sites hadn’t properly implemented a fix, a hacker could abuse this to carry out a man-in-the-middle attack, where a snoop sits between the user and the web server. They could then intercept information, such as users’ passwords. “If this attack works then essentially anything you think you are sending securely to Facebook, isn’t [secure],” noted cryptography expert Alan Woodward, professor at the University of Surrey’s Department of Computing.

To prove an attack on Facebook was plausible, the researchers updated Bleichenbacher’s attack to make it more effective, before signing a message with the private key of Facebook.com’s HTTPS certificate. That meant they could effectively impersonate the website and appear legitimate, but Böck told Forbes a hacker would “have to be quite fast to intercept the handshake.”

Facebook fixes but many sites open to attack

Furthermore, Facebook fixed the problem back in October. A spokesperson said in an emailed statement: “We are grateful to the researchers who brought this to our attention. We quickly fixed the issue, which was introduced by a custom patch we developed and wasn’t caught in our testing or an external audit. We are not aware of any abuse of this issue, and we paid awards to the researchers through our bug bounty program. We also assisted the researchers in further exploring the impact of this issue for other services around the web.”

Indeed, whilst Facebook patched the issue in October, many others likely remain vulnerable, according to Böck. “There are major sites that haven’t fixed yet despite us telling them weeks ago, but we decided not to call them out,” he said. PayPal, another site the researchers claimed was vulnerable to the Robot Attack, had not responded to a request for comment at the time of publication.

A large number of web server technologies were also called out by the researchers. They’ve provided a handy list for anyone concerned their website is vulnerable. Cisco, for instance, has released an advisory for its myriad products affected by the attacks.

“Bleichenbacher’s attack isn’t new, so it is surprising that it is reappearing, especially on such high profile systems,” said Woodward.

“These attacks are hard to execute, but if you had access to a Wi-Fi access point or some major communications cable it could be a problem,” added Matthew Green, a cryptography expert and assistant professor at the Johns Hopkins Information Security Institute. “In practice it’s probably not going to allow mass surveillance because these attacks are slow. But it could allow targeted interception.”